maxdb_real_escape_string
maxdb->real_escape_string
Escapes special characters in a string for use in a SQL statement, taking into account the current charset of the connection
Description
Procedural style:
string maxdb_real_escape_string ( resource link, string escapestr )
Object oriented style (method):
string maxdb->real_escape_string ( string escapestr )
This function is used to create a legal SQL string that you can use in a SQL statement.
The string escapestr is encoded to an escaped SQL string, taking into
account the current character set of the connection.
Characters encoded are ', ".
Return Values
Returns an escaped string.
Examples
Object oriented style
<?php
/* $maxdb is assumed to be an open maxdb connection */
$maxdb->query("CREATE TABLE temp.mycity LIKE hotel.city");

$city = "'s Hertogenbosch";

/* this query will fail because $city is not escaped */
if (!$maxdb->query("INSERT into temp.mycity VALUES ('11111','$city','NY')")) {
    printf("Error: %s\n", $maxdb->sqlstate);
}

$city = $maxdb->real_escape_string($city);

/* this query with escaped $city will work */
if ($maxdb->query("INSERT into temp.mycity VALUES ('22222','$city','NY')")) {
    printf("%d Row inserted.\n", $maxdb->affected_rows);
}

$maxdb->close();
?>
Procedural style
The above example will output something similar to:
Error: 42000
1 Row inserted.
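The same INSERT with bound parameters instead of an escaped literal, shown as an added example that is not part of the original manual page. It assumes $maxdb is an open connection and that temp.mycity exists as created in the example above; the helper name insert_city and the ZIP value '33333' are constructed for illustration.

```php
<?php
/**
 * Added example (not from the original manual page).
 * Assumes $maxdb is an open maxdb connection and temp.mycity was created
 * as in the example above. insert_city() is a hypothetical helper name.
 * Returns the number of inserted rows, or false on failure.
 */
function insert_city($maxdb, $zip, $city, $state)
{
    /* Placeholders keep the values out of the SQL text entirely, so a
       quote inside $city can never terminate a string literal. */
    $stmt = $maxdb->prepare("INSERT INTO temp.mycity VALUES (?, ?, ?)");
    if (!$stmt) {
        printf("Prepare failed: %s\n", $maxdb->sqlstate);
        return false;
    }

    /* 'sss' declares three string parameters, bound by reference */
    if (!$stmt->bind_param('sss', $zip, $city, $state) || !$stmt->execute()) {
        printf("Insert failed: %s\n", $stmt->sqlstate);
        $stmt->close();
        return false;
    }

    $rows = $stmt->affected_rows;
    $stmt->close();
    return $rows;
}

/* The value that broke the unescaped query is passed through unchanged;
   '33333' is a constructed sample value. */
$rows = insert_city($maxdb, '33333', "'s Hertogenbosch", 'NY');
if ($rows !== false) {
    printf("%d Row inserted.\n", $rows);
}
?>
```

Escaping with real_escape_string only protects a value that is placed inside a quoted string literal, whereas a bound parameter does not depend on how the surrounding SQL is quoted.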
See Also
maxdb_character_set_name